Posted On 02.10.2025

Wikijs | Postgresql | Transport Encryption

0 comments
confdroid.com >> blog >> Wikijs | Postgresql | Transport Encryption
apiVersion: v1
kind: ConfigMap
metadata:
name: wikijs-config
namespace: wikijs
labels:
app: wikijs
data:
DB_HOST: "<db_host>
DB_PORT: "5432"
DB_NAME: "<db_name>"
DB_USER: "<db_user"
DB_SSL: '{"auto":false,"rejectUnauthorized":false}'

and the reference:

Advertisements
 containers:
        - name: wikijs
          image: requarks/wiki:latest
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 3000
          env:
            - name: DB_TYPE
              value: "postgres"
            - name: DB_HOST
              valueFrom:
                configMapKeyRef:
                  name: wikijs-config
                  key: DB_HOST
            - name: DB_PORT
              valueFrom:
                configMapKeyRef:
                  name: wikijs-config
                  key: DB_PORT
            - name: DB_NAME
              valueFrom:
                configMapKeyRef:
                  name: wikijs-config
                  key: DB_NAME
            - name: DB_USER
              valueFrom:
                configMapKeyRef:
                  name: wikijs-config
                  key: DB_USER
            - name: DB_SSL
              valueFrom:
                configMapKeyRef:
                  name: wikijs-config
                  key: DB_SSL

Turned out at the end this was not sufficient. The real solution is described in this blog post and is indeed fully tested. Another technical description can be found in my wiki.

Author Profile

12ww1160DevOps engineer & architect

Advertisements

One thought on “Wikijs | Postgresql | Transport Encryption”

  • Turns out there is more to the thing. The DB_SSL probably needs more settings. Running it like above does not throw an error, but when I remove the pg_hba entry for ‘host’ and only leave ‘hostssl’, the connection fails. Coming back to that again.

Leave a Reply

Your email address will not be published. Required fields are marked *

thirteen − eight =

Related Post

AH00526: Syntax error on line 5 of /etc/httpd/conf.d/ssl.conf

Today I ran into an odd error on my foreman server. I had enabled auto-updates…

Migrating my private cloud to Kubernetes – Introduction

Are you interested in migrating to Kubernetes? Well, I am let me tell ya'll about…

ConfDroid Puppet Modules – SSH

Introducing confdroid_ssh: Reliable and Hardened SSH Access for Your Rocky 9 Servers SSH is the…